OpenPMF Security Policy Automation and Management Platform stops security breaches and data leakage with powerful policy enforcement, and makes security policy manageable through automation.
OpenPMF is the “umbrella” platform for security policy management. It allows organizations to implement rich policies with consistency – organization-wide “in depth” across many technologies and layers. OpenPMF lets you do this in a way that is easy to implement, manage and audit. You can author and maintain powerful yet intuitive security policies across your IT landscape , including for example Attribute Based Access Control (ABAC) based on rich, customizable attributes such as location, time and context. OpenPMF automatically calculates the matching technical enforcement rules and configurations for you – automatically bridging the ‘semantic gap’ between human intuitive generic security policies and the detailed technical implementation. OpenPMF reduces risk/costs, improves security & compliance, and enables smarter business.
What problem does OpenPMF solve?
When securing your organization’s interconnected IT landscape…There are too many rules & configurations, and too many changes to do this manually. It’s unmanageable. The policy you wanted isn’t all that complex and long if you write it out in human-intuitive concepts and terms. The policy gets very simple if you capture it in generic concepts.OpenPMF lets you easily author such generic policies and many more advanced generic policies. OpenPMF automatically calculates the matching technical rules & configurations. Even better, such generic policies won’t need to be changed often, even if your IT landscape changes! OpenPMF simply re-calculates the technical updates for you!
ObjectSecurity OpenPMF lets you easily author generic and advanced security policies. It enables you to maintain “one truth” of the undistorted, feature-rich, expressive policies. OpenPMF automatically calculates the matching technical rules & configurations for the underlying IT landscape, integrating either via OpenPMF’s own enforcement software agents, or via rapidly customizable exporters to configure third party products.
OpenPMF is powerful and scalable: such generic policies will not need to be changed often, even if your IT landscape changes. OpenPMF simply re-calculates the technical updates for you. Unlike competing technologies, OpenPMF makes advanced access policies both manageable and implementable. It integrates out of the box with numerous standards and technologies, and automates much of policy authoring and enforcement.
OpenPMF helps you implement and manage better access policies: you can robustly implement the necessary access control policies across your IT andscape based on rich, customizable attributes including location, time and context. OpenPMF makes access control mode effective, auditable and manageable across your interconnected IT landscape for all stakeholders. It reduces cost, and improves security and compliance. It also speeds up and simplifies security implementation, maintenance, and testing. It is often implemented as part of Identity & Access Management (IAM) initiatives, which all major enterprises and governments have
How does OpenPMF work?
OpenPMF’s policies are captured in generic terms , rather than in technical security rules. This way, OpenPMF policies typically do not have to change when the application landscape (e.g. web application interactions) changes. OpenPMF automatically generates the technical security enforcement rules from those models by automatically analyzing the applications with all their interactions, and inferring which rules are required to enforce the requirements defined in the models. OpenPMF (patent-pending) ensures policies are manageable even if IT landscapes are large and change dynamically. The result is a significant cost saving, esp. with respect to maintenance.